Ride the Lightning

Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.

How Law Enforcement Gets Data from AT&T, T-Mobile and Verizon

October 27, 2021

Vice reported on October 25 that a newly obtained document written by the FBI lays out how it and other law enforcement agencies obtain location information of phones from telecommunication companies.

Not everything is new – the document confirms what we already knew about law enforcement access to telecommunications data—how officials can request location data from a telecom with a warrant or use court orders to obtain other information on a phone user, for example.

What’s new is the recitation of exactly what data each carrier collects, a more recent explanation of how long each telecom retains certain types of data, and some images of the tool the FBI makes available to law enforcement agencies across the country to analyze cell phone tower data.

Ryan Shapiro, executive director of nonprofit organization Property of the People, shared the document after obtaining it through a public record act request. Property of the People focuses on obtaining and publishing government records.

I like them already.

The document, a 139 page slide presentation dated 2019, is written by the FBI’s Cellular Analysis Survey Team (CAST). It is thought that not much has changed since the document was written.

CAST supports the FBI as well as state, local, and tribal law enforcement investigations through the analysis of call data and tower information. That may include obtaining the data from telecommunications companies in the first place; analyzing tower dumps that can show which phones were in an approximate location at a given time; providing expert witness testimony; and performing drive tests to verify the actual coverage of a cell tower.

When necessary, CAST will utilize industry standard survey gear drive test equipment to determine the true geographical coverage breadth of a cell site sector,” the presentation reads. The presentation highlights the legal process required to obtain information from a telecommunications company, such as a court order or search warrant.

CAST provides its own cell phone data visualization tool to law enforcement officials around the country called CASTViz for free.

“CASTViz has the ability to quickly plot call detail records and tower data for lead generation and investigative purposes,” the presentation reads. The document includes images of and instructions for the CASTViz software itself.

Nate Wessler, deputy project director of the Speech, Privacy, and Technology Project at the American Civil Liberties Union (ACLU), said in a phone call that “I’ve never seen a visualization of it” after viewing the document. He added that the document raises questions about what sort of assumptions are built into this tool, and what errors this software might make. (The presentation adds that maps and analysis created by CASTViz should not be taken to court without being validated for accuracy, and that testimony should only be through a qualified expert).

The document also explains how data requests from Mobile Virtual Network Operators (MVNOs) such as Boost Mobile are handled, explains how to obtain location data from what the FBI describes as “burner phones,” and how to obtain information from OnStar, General Motors’ in-vehicle system. The document also provides the cost of some of this data for law enforcement to request.

One highlight of the document: It provides more recent figures on how long telecoms retain data for. AT&T holds onto data such as call records, cell site, and tower dumps for 7 years. T-Mobile holds similar information for 2 years, and Verizon holds it for 1 year.

“There is no conceivable business reason they need that much,” Wessler said, referring to AT&T’s longer retention periods than other telecoms.

The presentation also shows that AT&T retains “cloud storage internet/web browsing” data for 1 year. When asked what this detail entails, such as websites visited by customers on the AT&T network, AT&T spokesperson Margaret Boles said in an email that ​​“Like all companies, we are required by law to comply with mandatory legal demands, such as warrants based on probable cause. Our responses comply with the law.” The document also mentions that law enforcement can request records related to wearable devices from AT&T.

Another section that provides an overview of the different engineering and location datasets held by telecoms and potentially available to law enforcement agencies tells officials to use some AT&T data “cautiously.” As it notes, “AT&T does not validate results.”

Lots of information here that lawyers may find instructive. Spread the word.

Sharon D. Nelson, Esq., President, Sensei Enterprises, Inc.
3975 University Drive, Suite 225, Fairfax, VA 22030
Email: Phone: 703-359-0700
Digital Forensics/Cybersecurity/Information Technology